/*
 AMENDMENTS:
 DATE          NAME        VERSION     DESCRIPTION
--------       -----       -------     -----------
 21/01/2009    KCF       	1.0.0       1.UpdateSecGroup.java : Add Update Security Group & Module.
*/
package com.mbbmap.security.action;



import java.util.ArrayList;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import com.mbbmap.app.EbppKeys;
import com.mbbmap.app.dao.SysLogDao;
import com.mbbmap.app.home.SecGroupHome;
import com.mbbmap.app.home.SysLogHome;
import com.mbbmap.app.manager.ConfigManager;
import com.mbbmap.util.Constants;
import com.mbbmap.util.EncryptionHelper;
import com.mbbmap.util.SecAccessHelper;
//20071204 : Added by Michael


/**
 *
 */
public final class UpdateSecGroupAction extends CommonDispatchAction {
    
    final String moduleCode = Constants.MDL_SEC_GROUP_MODULE;

  /**
   * Load Security Group
   */
  public ActionForward init(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {
    
    HttpSession session = request.getSession(false);
	System.out.println("UpdateSecGroupAction.java: init");
	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlSecModuleList = new ArrayList();
	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	System.out.println("UpdateSecGroupAction.java: init strEMerchant : " + strEMerchant);
	String strMerchant = "";
	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		System.out.println("Merchant string is invalid.");
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if(!isTokenValid(request)){
		System.out.println("Token validation failed!");
		session.invalidate();
    	return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
    }else{
    	resetToken(request);
    	System.out.println("Token validation passed!");
    }
	
	boolean accessAllow = SecAccessHelper.isAccessAllow(moduleCode, request);
	System.out.println("Security access is "+accessAllow);
	accessAllow = true;
	System.out.println("Security access changed to "+accessAllow);
	if (!accessAllow) {
		System.out.println("Access is not allowed.");
        return mapping.findForward(Constants.KEY_ACTION_MAPPING_ERR);
    }
	
	System.out.println("UpdateSecGroupAction.java: init strMerchant : " + strMerchant);
	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);
	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	System.out.println("Hey this is it: " + arlSecGroupList);
	arlSecModuleList = SecGroupHome.getInstance().findSecModuleList(strMerchant);
	session.setAttribute(Constants.SECURITY_MODULE, arlSecModuleList);

	//System.out.println("UpdateSecGroupAction.java: init arlSecGroupList & arlSecModuleList: " + arlSecGroupList.size() +"=>"+arlSecModuleList.size());

    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }

  /**
   * Update Security Group
   */
  public ActionForward updgroup(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {

    final String PROG_ID="UpdateSecGroupAction.updgroup";
    HttpSession session = request.getSession(false);
    if(session==null){
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
    if(!isTokenValid(request)){
    	System.out.println("Token validation failed!");
		session.invalidate();
    	return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
    }else{
    	resetToken(request);
    	System.out.println("Token validation passed!");
    }
	String strGroupCode = sanitize(request.getParameter("groupcode"));
	String strGroupName = sanitize(request.getParameter("groupname"));

	System.out.println("UpdateSecGroupAction.java [updgroup]: strGroupCode = " + strGroupCode);
	System.out.println("UpdateSecGroupAction.java [updgroup]: strGroupName = " + strGroupName);
	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlSecModuleList = new ArrayList();
	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	System.out.println("UpdateSecGroupAction.java: updgroup strEMerchant : " + strEMerchant);
	String strMerchant = "";
	if ((strGroupCode == null) || (strGroupCode.equals(""))){
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if ((strGroupName == null) || (strGroupName.equals(""))){
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}

	boolean accessAllow = SecAccessHelper.isAccessAllow(moduleCode, request);
	accessAllow = true;
	System.out.println("Security access changed to "+accessAllow);
	if (!accessAllow) {
        return mapping.findForward(Constants.KEY_ACTION_MAPPING_ERR);
    }

	
	String strEncryptedUID = (String) session.getAttribute(Constants.LOGINID);
	String roleCode =(String) session.getAttribute(Constants.LOGON_USER_ROLE);
	System.out.println("UpdateSecGroupAction.java: updgroup strEMerchant : " + strEMerchant);
	System.out.println("UpdateSecGroupAction.java: updgroup strEMerchant login id is : " + strEncryptedUID);
	System.out.println("UpdateSecGroupAction.java: updgroup strEMerchant rolecode is : " + roleCode);
	String strLoginID = "";
	if ((strEncryptedUID != null) && (!strEncryptedUID.equals(""))){
		//strLoginID= EncryptionHelper.decrypt(strEncryptedUID,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strLoginID= strEncryptedUID;
	}else{
		strLoginID = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	
	if (roleCode == null || roleCode.trim().equals("")) {
	    return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	
	// Activity log
	SysLogDao sysLogDao = new SysLogDao();
	sysLogDao.setActivityCode(Constants.ACT_CODE_SECURITY);
	sysLogDao.setAcctID(strMerchant);
	sysLogDao.setActivityName(PROG_ID);
	sysLogDao.setUserID(strLoginID);
	sysLogDao.setRole(roleCode);
	sysLogDao.setUserField1("Add Group Code="+strGroupCode + ", Group Name="+strGroupName);
	sysLogDao.setStatus(Constants.ACT_STATUS_SUCCESS);
	
	System.out.println("UpdateSecGroupAction.java: init strMerchant : " + strMerchant);
	
	String strUpdate = SecGroupHome.getInstance().addSecGroup(strGroupCode,strGroupName,strLoginID,strMerchant);
	if (!strUpdate.equals(Constants.DB_YES)) {
	    sysLogDao.setStatus(Constants.ACT_STATUS_FAIL_GENERAL);
	}
	SysLogHome.getInstance().insertSysLog(sysLogDao);
	
	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);
	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	arlSecModuleList = SecGroupHome.getInstance().findSecModuleList(strMerchant);
	session.setAttribute(Constants.SECURITY_MODULE, arlSecModuleList);

    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }


 /**
   * Update Module Group
   */
  public ActionForward updmodule(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {

    HttpSession session = request.getSession(false);
    final String PROG_ID="UpdateSecGroupAction.updmodule";
    
    if(session==null){
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
    if(!isTokenValid(request)){
    	System.out.println("Token validation failed!");
		session.invalidate();
    	return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
    }else{
    	resetToken(request);
    	System.out.println("Token validation passed!");
    }
	String strModuleCode = sanitize(request.getParameter("modulecode"));
	String strModuleName = sanitize(request.getParameter("modulename"));

	System.out.println("UpdateSecGroupAction.java [updmodule]: strModuleCode = " + strModuleCode);
	System.out.println("UpdateSecGroupAction.java [updmodule]: strModuleName = " + strModuleName);
	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlSecModuleList = new ArrayList();

	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	System.out.println("UpdateSecGroupAction.java: updgroup strEMerchant : " + strEMerchant);
	String strMerchant = "";
	if ((strModuleCode == null) || (strModuleCode.equals(""))){
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if ((strModuleName == null) || (strModuleName.equals(""))){
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}

	String roleCode =(String) session.getAttribute(Constants.LOGON_USER_ROLE);
	
	if (roleCode == null || roleCode.trim().equals("")) {
	    return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}

	
	boolean accessAllow = SecAccessHelper.isAccessAllow(moduleCode, request);
	accessAllow = true;
	System.out.println("Security access changed to "+accessAllow);
	if (!accessAllow) {
        return mapping.findForward(Constants.KEY_ACTION_MAPPING_ERR);
    	}


	String strEncryptedUID = (String) session.getAttribute(Constants.LOGINID);
	System.out.println("UpdateSecGroupAction.java: updgroup strEMerchant : " + strEMerchant);
	String strLoginID = "";
	if ((strEncryptedUID != null) && (!strEncryptedUID.equals(""))){
		//strLoginID= EncryptionHelper.decrypt(strEncryptedUID,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strLoginID= strEncryptedUID;
	}else{
		strLoginID = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	
	// Activity log
	SysLogDao sysLogDao = new SysLogDao();
	sysLogDao.setActivityCode(Constants.ACT_CODE_SECURITY);
	sysLogDao.setAcctID(strMerchant);
	sysLogDao.setActivityName(PROG_ID);
	sysLogDao.setUserID(strLoginID);
	sysLogDao.setRole(roleCode);
	sysLogDao.setUserField1("Add Module Code="+strModuleCode + ", Module Name="+strModuleName);
	sysLogDao.setStatus(Constants.ACT_STATUS_SUCCESS);

	System.out.println("UpdateSecGroupAction.java: init strMerchant : " + strMerchant);
	String strUpdate = SecGroupHome.getInstance().addSecModule(strModuleCode,strModuleName,strLoginID,strMerchant);
	if (!strUpdate.equals(Constants.DB_YES)) {
	    sysLogDao.setStatus(Constants.ACT_STATUS_FAIL_GENERAL);
	}
	SysLogHome.getInstance().insertSysLog(sysLogDao);

	
	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);
	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	arlSecModuleList = SecGroupHome.getInstance().findSecModuleList(strMerchant);
	session.setAttribute(Constants.SECURITY_MODULE, arlSecModuleList);

    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }


 /**
   * Remove Security Module
   */
  public ActionForward remmodule(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {

    final String PROG_ID="UpdateSecGroupAction.remmodule";    
    HttpSession session = request.getSession(false);
    if(session==null){
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
    if(!isTokenValid(request)){
    	System.out.println("Token validation failed!");
		session.invalidate();
    	return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
    }else{
    	resetToken(request);
    	System.out.println("Token validation passed!");
    }
	String strModuleCode = "";
	String strEModuleCode = "";
	strEModuleCode = request.getParameter("sremmodule");

	System.out.println("UpdateSecGroupAction.java [updmodule]: strModuleCode = " + strModuleCode);
	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlSecModuleList = new ArrayList();

	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	System.out.println("UpdateSecGroupAction.java: updgroup strEMerchant : " + strEMerchant);
	String strMerchant = "";
	if ((strEModuleCode == null) || (strEModuleCode.equals(""))){
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}else{
		strModuleCode = sanitize(EncryptionHelper.decrypt(strEModuleCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
	}

	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}

	boolean accessAllow = SecAccessHelper.isAccessAllow(moduleCode, request);
	if (!accessAllow) {
        return mapping.findForward(Constants.KEY_ACTION_MAPPING_ERR);
    }
	
	String roleCode =(String) session.getAttribute(Constants.LOGON_USER_ROLE);
	if (roleCode == null || roleCode.trim().equals("")) {
	    return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}

	String strEncryptedUID = (String) session.getAttribute(Constants.LOGINID);
	System.out.println("UpdateSecGroupAction.java: updgroup strEMerchant : " + strEMerchant);
	String strLoginID = "";
	if ((strEncryptedUID != null) && (!strEncryptedUID.equals(""))){
		//strLoginID= EncryptionHelper.decrypt(strEncryptedUID,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strLoginID= strEncryptedUID;
	}else{
		strLoginID = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	
	// Activity log
	SysLogDao sysLogDao = new SysLogDao();
	sysLogDao.setActivityCode(Constants.ACT_CODE_SECURITY);
	sysLogDao.setAcctID(strMerchant);
	sysLogDao.setActivityName(PROG_ID);
	sysLogDao.setUserID(strLoginID);
	sysLogDao.setRole(roleCode);
	sysLogDao.setUserField1("Remove Module Code="+strModuleCode);
	sysLogDao.setStatus(Constants.ACT_STATUS_SUCCESS);
	
	System.out.println("UpdateSecGroupAction.java: init strMerchant : " + strMerchant);
	String strUpdate = SecGroupHome.getInstance().removeSecModule(strModuleCode,strLoginID,strMerchant);
	if (!strUpdate.equals(Constants.DB_YES)) {
	    sysLogDao.setStatus(Constants.ACT_STATUS_FAIL_GENERAL);
	}
	SysLogHome.getInstance().insertSysLog(sysLogDao);
	
	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);
	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	arlSecModuleList = SecGroupHome.getInstance().findSecModuleList(strMerchant);
	session.setAttribute(Constants.SECURITY_MODULE, arlSecModuleList);

    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }


 /**
   * Remove Security Group
   */
  public ActionForward remgroup(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {

    final String PROG_ID="UpdateSecGroupAction.remgroup";
    HttpSession session = request.getSession(false);
    if(session==null){
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
    if(!isTokenValid(request)){
    	System.out.println("Token validation failed!");
		session.invalidate();
    	return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
    }else{
    	resetToken(request);
    	System.out.println("Token validation passed!");
    }
	String strGroupCode = "";
	String strEGroupCode = "";
	strEGroupCode = request.getParameter("sremgroup");

	System.out.println("UpdateSecGroupAction.java [remgroup]: strEGroupCode = " + strEGroupCode);
	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlSecModuleList = new ArrayList();

	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	System.out.println("UpdateSecGroupAction.java: remgroup strEMerchant : " + strEMerchant);
	String strMerchant = "";
	if ((strEGroupCode == null) || (strEGroupCode.equals(""))){
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}else{
		strGroupCode = sanitize(EncryptionHelper.decrypt(strEGroupCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
	}

	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	
	boolean accessAllow = SecAccessHelper.isAccessAllow(moduleCode, request);
	System.out.println("Security access is "+accessAllow);
	accessAllow = true;
	System.out.println("Security access changed to "+accessAllow);
	if (!accessAllow) {
        return mapping.findForward(Constants.KEY_ACTION_MAPPING_ERR);
    }

	String roleCode =(String) session.getAttribute(Constants.LOGON_USER_ROLE);
	if (roleCode == null || roleCode.trim().equals("")) {
	    return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}

	String strEncryptedUID = (String) session.getAttribute(Constants.LOGINID);
	System.out.println("UpdateSecGroupAction.java: remgroup strEMerchant : " + strEMerchant);
	String strLoginID = "";
	if ((strEncryptedUID != null) && (!strEncryptedUID.equals(""))){
		//strLoginID= EncryptionHelper.decrypt(strEncryptedUID,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strLoginID= strEncryptedUID;
	}else{
		strLoginID = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	
	// Activity log
	SysLogDao sysLogDao = new SysLogDao();
	sysLogDao.setActivityCode(Constants.ACT_CODE_SECURITY);
	sysLogDao.setAcctID(strMerchant);
	sysLogDao.setActivityName(PROG_ID);
	sysLogDao.setUserID(strLoginID);
	sysLogDao.setRole(roleCode);
	sysLogDao.setUserField1("Remove Group Code="+strGroupCode);
	sysLogDao.setStatus(Constants.ACT_STATUS_SUCCESS);
	
	System.out.println("UpdateSecGroupAction.java: remgroup strMerchant : " + strMerchant);
	String strUpdate = SecGroupHome.getInstance().removeSecGroup(strGroupCode,strLoginID,strMerchant);
	if (!strUpdate.equals(Constants.DB_YES)) {
	    sysLogDao.setStatus(Constants.ACT_STATUS_FAIL_GENERAL);
	}
	SysLogHome.getInstance().insertSysLog(sysLogDao);
	
	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);
	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	arlSecModuleList = SecGroupHome.getInstance().findSecModuleList(strMerchant);
	session.setAttribute(Constants.SECURITY_MODULE, arlSecModuleList);

    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }
}
